What is a Keylogger?

A keylogger, also known as keystroke logging or keylogging, is a method of tracking the strokes on a keyboard without the knowledge of the user. This information is then collected and used to access private accounts or collect personal information. Keyloggers can come in the form of software, hardware, or external monitoring such as acoustic analysis or electromagnetic emissions. Software-based keyloggers use the target computer’s operating system in various ways, including: imitating a virtual machine (hypervisor-based or virtual machine manager), acting as the keyboard driver (kernel-based), using the application programming interface to watch keyboard strokes (API-based), recording information submitted on web-based forms (Form Grabber based) or capturing network traffic associated with HTTP POST events to steal passwords (Packet analyzers). Alternatively, keylogging can be done without installing software and can rely on modifying BIOS firmware (firmware-based) or installing a hardware circuit between the keyboard and the computer that logs keyboard stroke activity (keyboard hardware). Acoustic keylogging monitors the sound created by each individual keystroke and uses the subtly different acoustic signature that each key emits to analyze and determine what the target computer’s user is typing. Electromagnetic emission monitoring can capture the emissions from a wired (plug-in) keyboard from over 60 feet away using a wide-band receiver to keylog. Besides using standard malware-avoidance techniques, using a virtual keyboard (search your Microsoft operating system for “OSK” –On Screen Keyboard) can be used to type in passwords instead of your physical one and can thwart most of the simple keyloggers.